The number of keyloggers unleashed by hackers soared by 65% this year as E-criminals rush to steal identities and information, according to VeriSign iDefense.

Gregg Keizer, Contributor

November 15, 2005

3 Min Read

The number of keyloggers unleashed by hackers exploded this year, soaring by 65 percent in 2005 as e-criminals rush to steal identities and information, a security intelligence firm said Tuesday.

"The overall number of keyloggers has just skyrocketed this year," said Ken Dunham, senior engineer with Reston, Va.-based VeriSign iDefense. "It's all part of the last year's, 18 months' change in motive toward crimeware."

Keyloggers are small programs, silently installed by the attacker, typically after an earlier attack that compromised the computer through a vulnerability in the operating system or Internet browser, that record all or selected keystrokes, then sends that data to the hacker.

Hackers are on a pace to deploy a record-setting 6,191 different keyloggers in 2005, a 65 percent boost from the 3,753 keyloggers released in 2004, said iDefense. As recently as 2000, there were a paltry 300.

"There's been an explosion of keylogger code integrated into other [malicious] packages," said Dunham, "especially spyware and phishing e-mails."

Keyloggers are on the upswing for a simple reason: they make money for their handlers. Once activated, a keylogger can track and record personal data such as account numbers or passwords, or silently steal login information to later access corporate networks to hijack confidential information.

"There's a whole economy based on stolen information," said Dunham. "You can make money with just about any angle you want. Don't want to deal with stolen credit cards? Then you can use a keylogger to gain entrance to a business' network and steal licensing codes for software."

These keyboard trackers don't exist in a vacuum, of course, but are just one part of the crimeware landscape. "Rootkit functionality is increasingly becoming part of keylogger technology," said Dunham, referring to the Trojans used to cloak certain files to make them difficult for anti-virus, anti-spyware, or other security software to detect and delete. "Keyloggers, adware and spyware, and rootkits, they're all coming together. Whatever can make an attack stealthier and make it last longer, that's where it's all at in criminals' minds."

With their numbers dramatically on the increase, it's no surprise that keyloggers made news in 2005. A keylogger-based theft of 220 million pounds ($382 million) from the London offices of the Japanese bank Sumitomo Mitsui was foiled in March, while in August, researchers at Sunbelt Software stumbled on an offshore server jammed with information -- including usernames, passwords, telephone numbers, credit card and bank account numbers -- stolen with a keylogger.

Keyloggers are particularly dangerous because of their stealthy qualities; you can't stop what you can't see.

"Everybody knows about viruses and worms, but the threat of the unknown is the greatest threat we face," said Dunham.

iDefense, acquired by VeriSign earlier this year, provides security and vulnerability intelligence to enterprises, and said that in addition to basic defenses like anti-virus programs and firewalls, one way to combat the threat is to track the hackers and gangs that promote and use keyloggers.

About the Author(s)

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like


More Insights